<?php
session_start();
require 'check_login.php';
require 'config.php';

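// Delete one of the logged-in user's files, selected by ?id=<integer>.
// Flow: validate the id, confirm the row belongs to the session user,
// remove the file from disk, then remove the database row.
// Responds with a short plain-text status message.
//
// NOTE(review): this state-changing action is reachable via GET, and no
// anti-CSRF token is checked in this file. Requiring POST plus a per-session
// token would close that gap, but it changes how callers invoke the endpoint,
// so it is flagged here rather than changed.

// Strict integer validation. intval() turns any non-empty array (?id[]=x)
// into 1 and "12abc" into 12, so a malformed request could address a real row.
// filter_var() returns false for both, and for arrays.
$fileId = isset($_GET['id']) ? filter_var($_GET['id'], FILTER_VALIDATE_INT) : false;

if ($fileId === false) {
    echo '无效的请求';
} else {
    // presumably check_login.php guarantees $_SESSION['user'] is populated — confirm
    $userId = $_SESSION['user']['id'];

    // Ownership check: only a row owned by the session user is returned.
    $stmt = $pdo->prepare('SELECT * FROM files WHERE id = ? AND user_id = ?');
    $stmt->execute([$fileId, $userId]);
    $file = $stmt->fetch();

    if (!$file) {
        echo '文件不存在或无权限删除';
    } else {
        // NOTE(review): the path is taken from the database as-is. Containment
        // cannot be enforced here because the upload root is not visible in
        // this file; confirm the upload code only ever stores paths inside it.
        $filePath = $file['path'];

        // A file already missing from disk counts as removed. A failed unlink()
        // does not: the row is kept so the leftover file stays tracked.
        $removed = !file_exists($filePath) || unlink($filePath);

        if ($removed) {
            // Repeat the owner condition so the DELETE is scoped by itself
            // and does not rely on the earlier SELECT.
            $stmt = $pdo->prepare('DELETE FROM files WHERE id = ? AND user_id = ?');
            $stmt->execute([$fileId, $userId]);

            echo '文件已删除';
        } else {
            echo '文件删除失败';
        }
    }
}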
?>